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Q 2 



1 5. 

2 



1 6. 



WE CLAIM: 

1 . A disk drive 2 comprising: 

(a) a disk 4 for stor ng data, the disk 4 comprising a public area 6 for storing plaintext 
data and a pristi le area 8 for storing encrypted data; 

(b) a head 10 for re iding the encrypted data from the pristine area 8 of the disk 4; 

(c) a control systeni 12 for controlling access to the pristine area 8 of the disk 4; 

(d) authentication circuitry 14 for authenticating a request received from an extemal 



entity to access t 



le pristine area 8 of the disk 4 and for enabling the control system 12 



if the request is authenticated; 



(e) a secret drive kej 

(f) decryption circui 



encrypted data stored in the pristine area 8 of the disk 4 to generate decrypted data. 



The disk drive of cla 
data. 



16; and 

ry 18, responsive to the secret drive key 16, for decrypting the 



m 1, wherein the encrypted data comprises encrypted authentication 



The disk drive of claim 2, v^herein the authentication circuitry is responsive to the 
decrypted data. 



1 4. The disk drive of claijn 2, wherein the encrypted authentication data comprises encrypted 

2 user authentication &< ita. 



The disk drive of claim 2, wherein the encrypted authentication data comprises encrypted 
device authentication data for authenticating a device, the device comprising a unique 
device ID configured during manufacture of the device. 



The disk drive of c 



aim 2, wherein the encrypted authentication data comprises encrypted 



Y:\IC35 A\A0635\DOCS\k35a0635paf.<Joc 7/31/00 



14 



1 12. 

2 

3 

4 

5 

1 13. 

2 

3 

4 




PATENT 

ATTY DOCKET K35A0635 



2 information for implemcsnting a challenge and response verification sequence. 

1 7. The disk drive of claim 2, wherein the encrypted authentication data comprises encrypted 

2 message authentication qata. 



1 8. The disk drive of claim 7 

2 key data for generating a 



1 9. The disk drive of claim 1, 

2 decrypting an encrypted njessage 



wherein the encrypted authentication data comprises encrypted 
nessage authentication code. 



wherein the encrypted data comprises encrypted key data for 



1 1 0. The disk drive of claim 1 , 



1 11. The disk drive of claim 1 , 

2 for encrypting plaintext 



ivherein the encrypted data comprises encrypted message data. 

wherein the disk drive further comprises encryption circuitry 
into the encrypted data stored in the pristine area. 



data 



The disk drive of claim 1, wherein: 

(a) the disk further comprises embedded servo sectors comprising servo bursts; 

(b) the control system comprises a servo control system responsive to the embedded 
servo sectors; and 

(c) the authentication circiliitry enables the servo control system. 



The disk drive of claim 12 

(a) the servo bursts are wijitten 

(b) the authentication circ 
bursts. 



, wherein: 

to the disk in encrypted form; and 
aitry enables the servo control system to decrypt the servo 
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The disk drive of claim 13, wherein: 



(a) the servo bursts are written to the disk with additive noise generated from a pseudo 
random sequenc 

(b) the pseudo random sequence is generated from a polynomial; 

(c) the servo control svstem uses the polynomial to decrypt the servo bursts; and 

(d) the authentication tircuitry provides the polynomial to the servo control system. 
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15. A disk drive comprising: 

(a) a disk for storing data, the disk comprising a public area for storing plaintext data and 
a pristine area for storing encrypted data; 

(b) a head for reading data from the disk; 

(c) a control system for controlling access to the disk; 

(d) a secret drive key;\ 

(e) decryption circuitry, responsive to the secret drive key, for decrypting the encrypted 
data stored in the prastine area of the disk to generate decrypted data; and 

(f) authentication circuitry, responsive to the decrypted data, for authenticating a request 
received from an external entity to access the disk and for enabling the control system 
if the request is authqiticated. 
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16. A disk drive 2 comprising: 

(a) a disk 4 for st<|ring data, the disk 4 comprising a public area 6 for storing plaintext 
data and a pristine area 8 for storing encrypted data; 

(b) a head 10 for|reading the encrypted data from the pristine area 8 of the disk 4; 

(c) a control system 12 for controlling access to the pristine area 8 of the disk 4; 



(d) a secret drive 



key 16; and 



(e) decryption circuitry 18, responsive to the secret drive key, for decrypting the 

encrypted d4a stored in the pristine area 6 of the disk 4, 
wherein: 

the disk 4 comprises a plurality of physical blocks accessed by the control system through 

physical block addresses; 
a request received from an external entity during normal operation of the disk drive 

comprises a logical block address which is mapped by the control system to a 

selected one of the physical block addresses; and 
the pristine area comprises at least one physical block written with at least part of the 

encrypted data during manufacturing of the disk drive and not extemally 

accessible through a logical block address during normal operation of the disk 

drive. 
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A method of processing a request received by a disk drive from an external entity to 



access encrypted d 
of: 



Lta stored in a pristine area of a disk, the method comprising the steps 



(a) authenticating the request to access the pristine area and enabhng access to the 

\ 

pristine area if the request is authenticated; 

(b) reading the encrypted data stored in the pristine area; and 

(c) decrypting the enorypted data using a secret drive key within the disk drive to 
generate decrypteq data. 



The method as recited 
authentication data. 

The method as recited 
decrypted data. 



n claim 17, wherein the encrypted data comprises encrypted 



ii claim 18, wherein the step of authenticating is responsive to the 



The method as recited 
encrypted user 



m i 



claim 18, wherein the encrypted authentication data comprises 
authentidation data. 



1 21. The method as recited ir claim 18, wherein the encrypted authentication data comprises 



encrypted device authen 



ication data for authenticating a device, the device comprising a 



unique device ID configured during manufacture of the device. 



1 22. The method as recited in 



claim 18, wherein the encrypted authentication data comprises 



encrypted information for implementing a challenge and response verification sequence. 



1 23. The method as recited in 

2 encrypted message 



olaim 18, wherein the encrypted authentication data comprises 
authentication data. 
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24. The method as recitedVin claim 23, wherein the encrypted authentication data comprises 
encrypted key data for generating a message authentication code. 

25. The method as recited in cmim 17, wherein the encrypted data comprises encrypted key 
data for decrypting an encrwted message. 

26. The method as recited in clai^ 17, wherein the encrypted data comprises encrypted 
message data. 



27. The method as recited in claini 1 7, further comprising the step of encrypting plaintext 
data to generate the encrypted data stored in the pristine area. 



The method as recited in claim 
sectors comprising servo bursts 



28. The method as recited in claim [17, wherein the disk further comprises embedded servo 

the method further comprising the steps of: 

(a) servoing a head over the disk in response to the embedded servo sectors; and 

(b) enabling servoing in the pristine area if the request is authenticated. 

29. The disk drive of claim 28, wherein: 

(a) the servo bursts are written to the disk in encrypted form; and 

(b) the step of authenticating tl e request to access the pristine area comprises the step of 
decrypting the servo bursts! 

30. The disk drive of claim 29, wqerein: 

(a) the servo bursts are writterj to the disk with additive noise generated fi'om a pseudo 
random sequence; 

(b) the pseudo random sequende is generated from a polynomial; and 
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(c) the step of servoing uses the polynomial to decrypt the servo bursts. 
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31 . A method of proces;>ing a request received by a disk drive from an external entity to 

access data stored o i a disk, the disk comprising a pubUc area for storing plaintext data 
and a pristine area for storing encrypted data, the method comprising the steps of: 

(a) decrypting the encrypted data stored in the pristine area of the disk using a secret 
drive key within tne disk drive to generate decrypted data; and 

(b) using the decrypteqdata to authenticate the request received from the external entity 



before allowing acc 



;ss to the disk. 
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